Search in sources :

Example 21 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class CompositeAuthorizationConfiguration method getPermissionProvider.

@Nonnull
@Override
public PermissionProvider getPermissionProvider(@Nonnull final Root root, @Nonnull final String workspaceName, @Nonnull final Set<Principal> principals) {
    List<AuthorizationConfiguration> configurations = getConfigurations();
    switch(configurations.size()) {
        case 0:
            throw new IllegalStateException();
        case 1:
            return configurations.get(0).getPermissionProvider(root, workspaceName, principals);
        default:
            List<AggregatedPermissionProvider> aggrPermissionProviders = new ArrayList<>(configurations.size());
            for (AuthorizationConfiguration conf : configurations) {
                PermissionProvider pProvider = conf.getPermissionProvider(root, workspaceName, principals);
                if (pProvider instanceof AggregatedPermissionProvider) {
                    aggrPermissionProviders.add((AggregatedPermissionProvider) pProvider);
                } else {
                    log.debug("Ignoring permission provider of '{}': Not an AggregatedPermissionProvider", conf.getClass().getName());
                }
            }
            PermissionProvider pp;
            switch(aggrPermissionProviders.size()) {
                case 0:
                    pp = EmptyPermissionProvider.getInstance();
                    break;
                case 1:
                    pp = aggrPermissionProviders.get(0);
                    break;
                default:
                    pp = new CompositePermissionProvider(root, aggrPermissionProviders, getContext(), compositionType, getRootProvider());
            }
            return pp;
    }
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AggregatedPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider) ArrayList(java.util.ArrayList) EmptyPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider) AggregatedPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider) Nonnull(javax.annotation.Nonnull)

Example 22 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class MountPermissionProviderRandomTestIT method candidatePermissionProvider.

@Override
protected PermissionProvider candidatePermissionProvider(@Nonnull Root root, @Nonnull String workspaceName, @Nonnull Set<Principal> principals) {
    SecurityProvider sp = SecurityProviderBuilder.newBuilder().build();
    AuthorizationConfiguration acConfig = MountUtils.bindMountInfoProvider(sp, mountInfoProvider);
    PermissionProvider composite = acConfig.getPermissionProvider(root, workspaceName, principals);
    Assert.assertTrue(composite instanceof MountPermissionProvider);
    return composite;
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) SecurityProvider(org.apache.jackrabbit.oak.spi.security.SecurityProvider) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)

Example 23 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class MountUtils method bindMountInfoProvider.

static AuthorizationConfiguration bindMountInfoProvider(@Nonnull SecurityProvider securityProvider, @Nonnull MountInfoProvider mountInfoProvider) {
    AuthorizationConfiguration acConfig = securityProvider.getConfiguration(AuthorizationConfiguration.class);
    Assert.assertTrue(acConfig instanceof CompositeAuthorizationConfiguration);
    ((AuthorizationConfigurationImpl) ((CompositeAuthorizationConfiguration) acConfig).getDefaultConfig()).bindMountInfoProvider(mountInfoProvider);
    return acConfig;
}
Also used : CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration) AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration) AuthorizationConfigurationImpl(org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl) CompositeAuthorizationConfiguration(org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration)

Example 24 with AuthorizationConfiguration

use of org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration in project jackrabbit-oak by apache.

the class AbstractCompositeProviderTest method createPermissionProviderOR.

CompositePermissionProvider createPermissionProviderOR(Set<Principal> principals) {
    String workspaceName = root.getContentSession().getWorkspaceName();
    AuthorizationConfiguration config = getConfig(AuthorizationConfiguration.class);
    return new CompositePermissionProvider(root, getAggregatedProviders(workspaceName, config, principals), config.getContext(), CompositionType.OR, getRootProvider());
}
Also used : AuthorizationConfiguration(org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)

Aggregations

AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)24 Test (org.junit.Test)11 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)10 PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)8 CompositeAuthorizationConfiguration (org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration)6 SecurityProvider (org.apache.jackrabbit.oak.spi.security.SecurityProvider)6 EmptyPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider)6 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)5 Principal (java.security.Principal)3 Tree (org.apache.jackrabbit.oak.api.Tree)3 AuthorizationConfigurationImpl (org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl)3 Field (java.lang.reflect.Field)2 OpenAuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.OpenAuthorizationConfiguration)2 AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)2 RestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider)2 ArrayList (java.util.ArrayList)1 Nonnull (javax.annotation.Nonnull)1 RepositoryException (javax.jcr.RepositoryException)1 AccessControlManager (javax.jcr.security.AccessControlManager)1 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)1